10

When I give data like Email, documents or my search history to Google I trust that they will

  • keep my data secure (from hackers, employees, foreign governments, etc.)
  • keep it private
  • only use it for its intended purpose
  • make backups.

Is there a third party or government organization that checks if they do indeed follow their privacy policy? (and what happens if they do not)

Also, since I am an EU citizen, will my data stay within the EU?

To summarize from the answers:

  • there is no outside verification, the checks are done by Google internally
  • data can be stored anywhere, not just in the country of the customer
laktak
  • 474
  • 2
  • 10

4 Answers4

4

Google have lots of privacy information on their website:

http://www.google.com/intl/en/privacy.html

You might also find the Google Apps Security whitepaper interesting. I don't know how much of it extends to the consumer version of Google products, but it should give you some idea of what the infrastructure looks like and how its managed:

http://www.google.com/a/help/intl/en/admins/pdf/ds_gsa_apps_whitepaper_0207.pdf

Except in a few very specific circumstances (eg services for US Government) Google make no guarantees about where data is stored. However they are extremely proactive about ensuring they can fulfill their privacy and contractual obligations no matter where your data is stored.

Rob N
  • 1,408
  • 9
  • 10
3

This is not a direct answer to your question. However, I ran across this recently and it is very relevant to your question. At least you may be able to explicitly monitor what is being sent to Google:

Google is collecting a lot of data about how we use the web. The new Google Alarm Firefox addon visually & audibly alerts you whenever your personal information is being sent to Google servers.

Even outside Gmail and YouTube you are constantly sending Google your information through their vast network of “tracking bugs”: Google Analytics, Google AdSense, YouTube embeds, API calls… all of this data can be used to monitor & track your personal web browsing habits.

Google Alarm shows notifications, plays sound effects and keeps running stats about the % of websites you’ve visit with Google bugs present.

Disclaimer: I have no first hand experience with this plugin.

joyjit
  • 1,740
  • 14
  • 12
1

I doubt anyone other than Google could truly answer this, but a few thoughts come to mind:

  • Google is a US-based company that has datacenters all over the world. Where, geographically, your data resides is likely algorithmically-base, though I'd suspect that they'd try to localize storage
  • What is the intended purpose for data that Google has? It's at least for them to be able to make money on advertising (they are, after all, and advertising company that happens to do search)
  • I don't know of any organization that verifies the Privacy Policy is followed until or unless it's breached
warren
  • 510
  • 1
  • 5
  • 19
1

You can't expect that your data won't be able to be subpoenaed by US law. Google didn't mount a legal defense when they were subpoenaed to reveal the IP addresses of some Caribbean journalists. http://www.readwriteweb.com/archives/google_may_hand_over_muckraking_journalists_ip_add.php

If you need real privacy than you shouldn't use a cloud based service and encrypt mails.

Christian
  • 1,505
  • 6
  • 15
  • 24